Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: Re: How do *you* secure your network with Perl?

by Rhose (Priest)
on Mar 27, 2002 at 14:58 UTC ( #154680=note: print w/ replies, xml ) Need Help??


in reply to Re: How do *you* secure your network with Perl?
in thread How do *you* secure your network with Perl?

While you *could* write an IDS in perl, I am pretty sure any link with much activity would cause the PerlIDS(tm) to drop packets.

However, a better use for perl in your IDS implementation is in the role of analysis scripts. Your IDS implementation should probably consist of one or more "quick and dirty" systems -- snort (or your IDS of choice) with fewer rules, and one or more analysis machines. Perl excels in the analysis role -- processing "historical" data.


Comment on Re: Re: How do *you* secure your network with Perl?
(shockme) Re: Re: Re: How do *you* secure your network with Perl?
by shockme (Chaplain) on Mar 28, 2002 at 03:20 UTC
    On the subject of analysis (and somewhat removed from "modules"), I've had great success with Psionic's PortSentry, HostSentry and LogSentry.

    If things get any worse, I'll have to ask you to stop helping me.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://154680]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2014-07-26 17:38 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (178 votes), past polls